PRTG Traffic Grapher Monitor_Bandwidth函数跨站脚本漏洞

BUGTRAQ ID: 35128 CVECAN ID: CVE-2009-1849 PRTG Traffic Grapher是一个使用方便的Windows软件，能够对网络带宽的使用进行监控和分类。 PRTG Traffic Grapher没有正确地验证对MonitorBandwidth函数所提交的输入参数，如果用户受骗跟随了包含有恶意脚本的链接的话，就会导致在用户浏览器会话中执行跨站脚本。 Paessler PRTG Traffic Grapher 6.2.2.977 厂商补丁： Paessler -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

PRTG Traffic Grapher 'Monitor_Bandwidth' Cross Site Scripting Vulnerability

PRTG Traffic Grapher is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...